Date: Sat, 05 Nov 2011 13:01:23 +0200
From: Mikolaj Golub <trociny@freebsd.org>
To: Kostik Belousov <kostikbel@gmail.com>
Cc: freebsd-hackers@freebsd.org, Robert Watson <rwatson@freebsd.org>
Subject: Re: "ps -e" without procfs(5)
Message-ID: <86r51msuik.fsf@kopusha.home.net>
In-Reply-To: <20111031094948.GB50300@deviant.kiev.zoral.com.ua> (Kostik Belousov's message of "Mon, 31 Oct 2011 11:49:48 +0200")
References: <86y5wkeuw9.fsf@kopusha.home.net> <20111016171005.GB50300@deviant.kiev.zoral.com.ua> <86aa8qozyx.fsf@kopusha.home.net> <20111025082451.GO50300@deviant.kiev.zoral.com.ua> <86aa8k2im0.fsf@kopusha.home.net> <20111031094948.GB50300@deviant.kiev.zoral.com.ua>
On Mon, 31 Oct 2011 11:49:48 +0200 Kostik Belousov wrote:

 KB> I suspect this is my bug: Reading the GET_PS_STRINGS_CHUNK_SZ may validly
 KB> return EFAULT if the string is shorter than the chunk and aligned at
 KB> the end of the page, assuming the next page is not mapped. There should
 KB> be a fallback to fubyte() read loop. I remember that copyinstr() was
 KB> unsuitable.

Hm, I thought that this issue was only for reading arg and env strings
(which could be shorter than GET_PS_STRINGS_CHUNK_SZ), but investigating
the cases when EFAULT was returned in my tests (running buildworld and
procstat in a loop) I saw that it was also returned when reading other
objects (like struct ps_strings), and a fallback to a fubyte() read loop
was successful in those cases too. So I updated the patch to do the
fallback for any type of read (although it does not contain a good
comment explaining why a fubyte() read might succeed when proc_rwmem()
failed).

Also there were cases when EFAULT was returned because the arg vector
contained a NULL pointer. I observed this for sh processes. In
lib/libc/gen/setproctitle.c I found this comment:

        oargc = ps_strings->ps_nargvstr;
        oargv = ps_strings->ps_argvstr;
        for (i = len = 0; i < oargc; i++) {
                /*
                 * The program may have scribbled into its
                 * argv array, e.g., to remove some arguments.
                 * If that has happened, break out before
                 * trying to call strlen on a NULL pointer.
                 */
                if (oargv[i] == NULL) {
                        oargc = i;
                        break;
                }

I have updated my patch to do the same.

Running the buildworld test after these changes I have observed EFAULT
only once, for a cc process, when argv contained a pointer to 0x40.

Also, for kern.proc.args sometimes errors like the one below are observed:

  procstat: sysctl: kern.proc.args: 58002: 8: Exec format error

And for kern.proc.env:

  procstat: sysctl: kern.proc.env: 81352: 16: Device busy

But I have not investigated these cases yet.

The updated version:

http://people.freebsd.org/~trociny/env.sys.2.patch

-- 
Mikolaj Golub
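The two failure modes discussed in this message, a chunk read that faults because a short string sits at the end of the last mapped page, and an argv vector that the process has NULLed out, can be modelled in userland. The following is an added example written for this archive page, not FreeBSD kernel code and not part of the patch: the target address space is simulated as a flat byte array with a per-page "mapped" flag, so a read that touches an unmapped page returns EFAULT instead of trapping. rwmem() stands in for proc_rwmem(), fubyte() for the kernel fubyte(), CHUNK_SZ for GET_PS_STRINGS_CHUNK_SZ; all names, sizes and the constructed argv contents are assumptions.

```c
/*
 * Added example, not FreeBSD code: model of the page-boundary EFAULT and
 * the NULL-argv-entry case. The target address space is simulated so the
 * example runs anywhere; all names here are hypothetical stand-ins.
 */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SZ  4096
#define NPAGES   2
#define CHUNK_SZ 256          /* stand-in for GET_PS_STRINGS_CHUNK_SZ */

struct target {
    uint8_t mem[NPAGES * PAGE_SZ];
    int     mapped[NPAGES];   /* 1 = page is mapped in the target */
};

/* Bulk read: like proc_rwmem(), fails as a whole if any byte is unmapped. */
static int rwmem(const struct target *t, uintptr_t addr, void *buf, size_t len)
{
    if (len == 0 || addr + len > sizeof t->mem)
        return EFAULT;
    for (uintptr_t p = addr / PAGE_SZ; p <= (addr + len - 1) / PAGE_SZ; p++)
        if (!t->mapped[p])
            return EFAULT;
    memcpy(buf, (const uint8_t *)t->mem + addr, len);
    return 0;
}

/* Single-byte read: like fubyte(), returns -1 on fault. */
static int fubyte(const struct target *t, uintptr_t addr)
{
    if (addr >= sizeof t->mem || !t->mapped[addr / PAGE_SZ])
        return -1;
    return t->mem[addr];
}

/*
 * Copy the NUL-terminated string at addr into out (cap bytes incl. NUL).
 * Try CHUNK_SZ reads first; when one faults, fall back to a byte loop,
 * which stops at the terminator and never touches the page after it.
 * *fell_back is set when the byte loop was needed. Returns 0, EFAULT,
 * or ENAMETOOLONG if no terminator fits in cap bytes.
 */
static int read_string(const struct target *t, uintptr_t addr,
                       char *out, size_t cap, int *fell_back)
{
    size_t off = 0;
    char chunk[CHUNK_SZ];

    *fell_back = 0;
    while (off < cap) {
        size_t want = cap - off < CHUNK_SZ ? cap - off : CHUNK_SZ;
        if (rwmem(t, addr + off, chunk, want) == 0) {
            const char *nul = memchr(chunk, 0, want);
            size_t n = nul ? (size_t)(nul - chunk) : want;
            memcpy(out + off, chunk, n);
            off += n;
            if (nul) {                 /* terminator was inside this chunk */
                out[off] = '\0';
                return 0;
            }
            continue;
        }
        /* Chunk crossed into an unmapped page: retry byte by byte. */
        *fell_back = 1;
        while (off < cap) {
            int c = fubyte(t, addr + off);
            if (c < 0)
                return EFAULT;         /* unmapped before the NUL: real fault */
            out[off++] = (char)c;
            if (c == 0)
                return 0;
        }
    }
    return ENAMETOOLONG;
}

/*
 * Walk an argv vector (already copied out of the target) the way
 * setproctitle.c does: a NULL entry before nargv means the program
 * scribbled into its own argv, so stop there instead of faulting.
 * Returns the number of strings copied, or -1 on EFAULT.
 */
static int read_argv(const struct target *t, const uintptr_t *argv, int nargv,
                     char strs[][64], int *fallbacks)
{
    int i, fb;

    *fallbacks = 0;
    for (i = 0; i < nargv; i++) {
        if (argv[i] == 0)
            break;
        if (read_string(t, argv[i], strs[i], 64, &fb) != 0)
            return -1;
        *fallbacks += fb;
    }
    return i;
}

/* Constructed target: page 0 mapped, page 1 not; "sh" occupies the last
 * three bytes of page 0, so a CHUNK_SZ read starting there crosses the gap. */
#define ARG_SH ((uintptr_t)PAGE_SZ - 3)
#define ARG_C  ((uintptr_t)100)

static void build_target(struct target *t)
{
    memset(t, 0, sizeof *t);
    t->mapped[0] = 1;
    t->mapped[1] = 0;
    memcpy(t->mem + ARG_C, "-c", 3);
    memcpy(t->mem + ARG_SH, "sh", 3);
}

int main(void)
{
    struct target t;
    uintptr_t argv[3] = { ARG_SH, ARG_C, 0 };  /* ps_nargvstr says 3, slot 2 NULLed */
    char strs[3][64];
    int n, fb;

    build_target(&t);
    n = read_argv(&t, argv, 3, strs, &fb);
    printf("%d strings read, %d needed the fubyte() fallback\n", n, fb);
    for (int i = 0; i < n; i++)
        printf("argv[%d] = \"%s\"\n", i, strs[i]);
    return 0;
}
```

In the constructed layout the "-c" string reads in one chunk, the "sh" string at the page end makes the chunk read return EFAULT and succeeds only through the byte loop, and the NULL third argv slot ends the walk at two strings rather than producing an EFAULT. A string that really runs into the unmapped page (e.g. starting at PAGE_SZ) still returns EFAULT from the fallback, which is the distinction the byte loop is there to make.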